Skip to main content
The returned URL is an interface hosted by Iron. Once the customer has completed the flow, Iron reviews the submission, performs verification, and decides on approval. Iron is fully responsible for all compliance obligations, including final verification and ongoing monitoring. POST /customers/{id}/identifications/v2 The request body must include "type": "Link" to select the hosted flow. This is the discriminator that tells the API which identification method to use.
FieldRequiredDescription
typeYesMust be "Link" for hosted identifications
with_eddNoSet to true to initialize with the full Enhanced Due Diligence process
curl -X POST "https://api.sandbox.iron.xyz/api/customers/<customer_id>/identifications/v2" \
  -H "Content-Type: application/json; charset=utf-8" \
  -H "IDEMPOTENCY-KEY: <unique-request-id>" \
  -H "X-API-Key: <your-api-key>" \
  -d '{ "type": "Link" }'
Example response: 
{
  "id": "c3d4e5f6-a7b8-9012-cdef-345678901234",
  "customer_id": "b2c3d4e5-f6a7-8901-bcde-f23456789012",
  "status": "Pending",
  "url": "https://verify.iron.xyz/start?token=...",
  "created_at": "2026-01-15T10:00:00Z",
  "updated_at": "2026-01-15T10:00:00Z"
}
Pass the url to your customer. They complete the verification flow in the hosted interface, and Iron handles the rest.
In Sandbox, you can approve or reject the identification via POST /sandbox/identification/{id} instead of waiting for a manual review. See Sandbox.